Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/L6b5g54qXFSDmtuZOfxuwDNwSiY.roa
File: L6b5g54qXFSDmtuZOfxuwDNwSiY.roa (raw, json)
Hash identifier: jZ14UfvOcYP/EB3Ik+fO2vFApYSAZX7G9X5f+7rqEOo=
Subject key identifier: 2F:A6:F9:83:9E:2A:5C:54:83:9A:DB:99:39:FC:6E:C0:33:70:4A:26
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 533B
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/L6b5g54qXFSDmtuZOfxuwDNwSiY.roa
Signing time: Thu 09 May 2024 13:23:59 +0000
ROA not before: Thu 09 May 2024 13:23:59 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 21307 (0x533b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 9 13:23:59 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=2FA6F9839E2A5C54839ADB9939FC6EC033704A26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:72:5c:a8:9f:ef:98:ec:e5:01:0a:dd:77:3c:
18:96:2c:fd:af:02:ad:c9:57:3a:e3:4b:37:2f:8f:
af:10:5c:1e:11:2e:bf:ea:a5:30:df:3a:22:c9:60:
a1:bc:de:14:92:c6:42:0a:28:f7:5d:48:df:df:f8:
8c:80:34:68:9d:5f:fd:1b:09:44:0d:fc:c3:53:09:
0a:0d:7a:a7:10:e3:19:26:8e:8d:64:79:83:23:67:
8f:ef:5a:f6:fb:92:ba:76:bc:7b:64:a5:14:8d:04:
58:1c:0a:1b:a2:58:56:ac:47:1a:13:f8:71:9f:b2:
10:1e:3b:fe:76:60:a3:ee:a2:c7:db:6d:77:97:f0:
64:53:97:de:dc:95:0a:99:f8:a2:85:d1:e4:d5:9d:
63:27:37:18:88:a7:36:c7:27:b0:d4:2f:04:e1:e8:
da:c8:5a:ee:2b:e7:c9:88:5e:9d:92:52:5d:ba:99:
08:31:30:a9:80:50:26:93:51:58:4f:20:b8:04:9b:
ed:87:cb:b1:a9:d5:1f:72:5c:69:a5:4b:ae:c3:8e:
50:45:66:57:72:8f:6d:09:33:05:8b:d3:02:b0:72:
73:b3:d9:aa:c3:d2:ce:19:85:94:6b:6c:b6:78:18:
b7:5d:7e:d9:c4:7a:b3:7b:7b:dc:65:ee:58:b9:8a:
8b:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:A6:F9:83:9E:2A:5C:54:83:9A:DB:99:39:FC:6E:C0:33:70:4A:26
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/L6b5g54qXFSDmtuZOfxuwDNwSiY.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
34:40:cd:6b:a3:88:fa:1c:3c:64:b5:98:14:65:90:8a:4b:a3:
1e:16:fb:51:31:31:08:82:04:d3:b9:e2:84:f0:c3:11:42:32:
a7:09:9a:4b:85:87:d2:b8:12:2c:4f:cf:1a:1a:da:a9:12:1e:
8a:28:ec:66:f2:21:df:91:8d:8f:41:98:06:73:38:ad:64:6f:
ea:2c:12:3f:49:3a:f7:49:c2:fe:8f:b8:eb:59:b5:ed:a9:dd:
f3:79:fd:13:b1:22:fb:1f:94:ad:cd:1e:44:e1:4c:d4:a4:b4:
d2:1a:59:b3:06:91:01:dd:b7:4a:16:4e:e3:11:d6:f1:0e:48:
a4:94:0d:dc:39:3c:e3:99:31:22:4d:f2:8f:fa:6f:98:60:6a:
98:54:5c:d3:2d:5f:09:a5:01:7e:f1:70:a6:83:62:c1:88:55:
e2:16:f7:53:51:82:4a:c0:1d:c4:64:74:f1:f3:6b:20:e0:c9:
74:d2:43:d4:a7:ac:fa:5c:fe:d3:8c:2e:c0:44:09:3a:7f:fb:
9e:32:0f:17:85:1a:f0:3e:3d:94:47:1f:09:5a:20:24:0a:eb:
77:77:2b:51:a7:a1:88:09:dc:a6:b1:4a:f2:74:de:ca:72:66:
ae:15:83:8c:bf:0e:94:4e:9d:4a:49:e9:47:62:19:2b:6c:45:
c6:5e:a0:24
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICUzswDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDkx
MzIzNTlaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDJGQTZGOTgzOUUyQTVD
NTQ4MzlBREI5OTM5RkM2RUMwMzM3MDRBMjYwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQDCclyon++Y7OUBCt13PBiWLP2vAq3JVzrjSzcvj68QXB4RLr/q
pTDfOiLJYKG83hSSxkIKKPddSN/f+IyANGidX/0bCUQN/MNTCQoNeqcQ4xkmjo1k
eYMjZ4/vWvb7krp2vHtkpRSNBFgcChuiWFasRxoT+HGfshAeO/52YKPuosfbbXeX
8GRTl97clQqZ+KKF0eTVnWMnNxiIpzbHJ7DULwTh6NrIWu4r58mIXp2SUl26mQgx
MKmAUCaTUVhPILgEm+2Hy7Gp1R9yXGmlS67DjlBFZldyj20JMwWL0wKwcnOz2arD
0s4ZhZRrbLZ4GLddftnEerN7e9xl7li5iosbAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUL6b5g54qXFSDmtuZOfxuwDNwSiYwHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L0w2YjVnNTRxWEZTRG10
dVpPZnh1d0ROd1NpWS5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBADRAzWujiPocPGS1mBRlkIpLox4W+1Ex
MQiCBNO54oTwwxFCMqcJmkuFh9K4EixPzxoa2qkSHooo7GbyId+RjY9BmAZzOK1k
b+osEj9JOvdJwv6PuOtZte2p3fN5/ROxIvsflK3NHkThTNSktNIaWbMGkQHdt0oW
TuMR1vEOSKSUDdw5POOZMSJN8o/6b5hgaphUXNMtXwmlAX7xcKaDYsGIVeIW91NR
gkrAHcRkdPHzayDgyXTSQ9SnrPpc/tOMLsBECTp/+54yDxeFGvA+PZRHHwlaICQK
63d3K1GnoYgJ3KaxSvJ03spyZq4Vg4y/DpROnUpJ6UdiGStsRcZeoCQ=
-----END CERTIFICATE-----
Generated at Sat May 17 20:01:57 2025 by rpki-client